Test Kennung:	1.3.6.1.4.1.25623.1.0.800411
Kategorie:	Web Servers
Titel:	NaviCOPA Web Server Source Code Disclosure Vulnerability
Zusammenfassung:	NaviCOPA Web Server is prone to Source Code Disclosure vulnerability.
Beschreibung:	Summary: NaviCOPA Web Server is prone to Source Code Disclosure vulnerability. Vulnerability Insight: This issue is caused by an error when handling requests with the '%20' string appended to the file extension. Vulnerability Impact: Successful exploitation will allow remote attackers to display the source code of arbitrary files (e.g. PHP) instead of an expected HTML response. Affected Software/OS: NaviCOPA Web Server version 3.0.1.2 and prior on windows. Solution: Upgrade to the NaviCOPA Web Server version 3.0.1.3 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4529 BugTraq ID: 36705 http://www.securityfocus.com/bid/36705 http://freetexthost.com/n5l0h34pxc http://pocoftheday.blogspot.com/2009/10/navicopa-web-server-3012-remote-source.html http://www.packetstormsecurity.org/0910-exploits/navicopa-disclose.txt http://osvdb.org/58949 http://secunia.com/advisories/37014 http://www.vupen.com/english/advisories/2009/2927 XForce ISS Database: navicopa-source-information-disclosure(53799) https://exchange.xforce.ibmcloud.com/vulnerabilities/53799
Copyright	Copyright (C) 2010 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.